What is OpenDKIM?
It is a digital email signing/verification technology, which is already supported by some common mail providers. In general, DKIM means digitally signing all messages on the mail-server to verify the message was actually sent from the domain in question and was not spam

UPDATE THE SYSTEM

Before going any further, make sure you’re in a screen session and your system is fully up-to-date by running:

## screen -U -S opendkim-screen
## yum update

ENABLE EPEL REPOSITORY

OpenDKIM is available in the EPEL repository, so we need to enable it on the system before we can install OpenDKIM

But still, there are other features missing like using dovecot sieve rules to filter emails on server-side, scanning emails for viruses etc.. In the next few related articles, we will be adding additional features to the set-up so stay tuned.

I use Godaddy to change my DNS ZoneFile, and even though I followed your walkthrough I still got a failed result for DKIM saying that the signature could not be verified. Any ideas how I could possibly fix that?

DomainKeys Identified Mail (DKIM) is the successor to Yahoo’s DomainKeys. They are quite similar in functionality, except that DKIM has additionally adopted aspects from additional Mail Standards, it is more flexible and secure, it supports multiple signature algorithms (as opposed to just one available with DomainKeys), it has the ability to support signature timeouts in DNS and a few more useful options…

So, you don’t really need DomainKeys if you have DKIM set-up on your mail server.

Each domain have authoritative DNS servers that publish information about that domain. You may use the ‘host -t ns mydomain.com’ command to identify the DNS servers responsible (authoritative) for your domain’s zone file.

If you didn’t change the authoritative name servers for your domain at your domain registrar at the time of registration or later any time, most likely you use your domain registrar’s name servers so you can create a new TXT domain record for your domain via your domain registrar. Log in to your domain registrar, find the ‘DNS Zone Editor’ (or the section where you can create a DNS record) and create a new TXT DNS record.

If you use custom name servers for your domain, you need to edit the DNS zone file hosted at your name servers.

Public key used for verification: default._domainkey.multihome.com(1024 bits)

NOTE: DKIM checking has been performed based on the latest DKIM specs
(RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
older versions. If you are using Port25’s PowerMTA, you need to use
version 3.2r11 or later to get a compatible version of DKIM.